cyber security

WannaCry hasn’t hurt India's government, but there have been dangerous, unreported attacks before

Bring a cyber security law and amend the Information Technology Act to criminalise malicious online attacks, urge experts.

Computer systems of at least 18 Andhra Pradesh police units are among the hundreds in India compromised by the WannaCry ransomware attack, which began on May 12 and is estimated to have affected more than 200,000 computers across 150 countries so far.

Ransomware is a type of malicious software designed to block access to computer systems until a sum of money is paid. The malware is usually sent through email and blocks access by encrypting the targeted system’s data. The ransom is demanded to be paid in the virtual currency Bitcoin, which the Reserve Bank of India does not recognise as an authorised mode of exchange.

In India, ransomware attacks have become rampant since 2015, cyber security experts said, finding victims in a wide range of industries, from pharmaceuticals to hospitality and banking to information technology.

The latest global attack infected computers at private enterprises in Mumbai, Hyderabad, Bangalore and other cities. The Andhra Pradesh police was the first government agency to report being affected. Now, it has emerged that the Gujarat State Wide Area Network and customer care centres of the West Bengal Electricity Distribution Company Limited, a public sector undertaking, were affected as well.

For government agencies in India, though, WannaCry is not the first ransomware experience. At least two such attacks have been reported in the past one year.

State of vulnerability

In January 2017, three servers in the Delhi office of the Quality Council of India, an accreditation body set up jointly by the central government and the Indian industry associations, were attacked by Cerber ransomware. It took cyber security experts over 36 hours to unblock the system through decryption applications. No ransom had to be paid, said a cyber security expert who was involved in the operation.

According to Kislay Chaudhary, a cyber security consultant with the central government, using decryption applications to unblock ransomware-infected computers is easier said than done. There are thousands of decryption applications available on the internet and each has a specific purpose. So the operation is essentially a hit-and-miss. If all the available applications fail to decrypt the data, the only option left is to wait for the discovery of the malicious software’s kill switch to unblock the computer.

In May 2016, computer systems of Maharashtra’s revenue and public works departments were infected by Locky ransomware.

Ransomware blocks access to the infected computer by encrypting data and demands payment to unlock it. Image credit: Reuters
Ransomware blocks access to the infected computer by encrypting data and demands payment to unlock it. Image credit: Reuters

“It is not that government agencies are more vulnerable to these attacks,” said Chaudhary. “The most vulnerable are private or independent servers and customised mail boxes, which fail to spam emails with malware attachments, often because of lack of investment in making the systems safe enough, and inadequate research and development.”

Pavan Duggal, an advocate with expertise in cyber security law, however, contended that “what is visible on the surface is just the tip of the iceberg”.

“Most ransomware attacks are unreported and India is no exception to that,” he said. “Top information technology companies, banks and even government agencies in the country have witnessed such attacks in the past three years. But most attacks were local and isolated in nature. A mass attack like WannaCry is unprecedented.”

So, how can such attacks be tackled? Duggal said India must urgently enact a cyber security law and amend the Information Technology Act to make cyber attacks criminal offences and clearly chalk out the roles and responsibilities, accountability and liabilities of internet service providers and intermediary agencies in case of such offences.

Outside of the government, Cyber Peace Foundation, a Jharkhand-based cyber security non-profit, has invested in a project called Honey Net to combat cyber attacks. Under this project, the NGO has set up deliberately vulnerable computer networks in 10 states, including Jharkhand, Gujarat, Andhra Pradesh and Karnataka, to invite cyber attacks in order to analyse their nature. They recorded an unusual trend a day before the global cyber attack of May 12.

“The system which usually endures 147 cyber attack attempts per day on an average actually endured around 9,000 attacks on Thursday,” said the founder of the NGO Vineet Kumar. They have received requests to deal with 15 WannaCry infection. These clients include private enterprises, academic institutes and government agencies, Kumar said, but did not disclose their identities.

Lax security

In the wake of the WannaCry attack, the Indian government’s Computer Emergency Response Team issued a critical alert and an advisory while the Ministry of Information Technology reached out to key stakeholders such as the Reserve Bank of India, National Payments Corporation of India, National Informatics Centre and Unique Identification Authority of India, advising them to protect their systems against WannaCry and ensure protection of the digital payments ecosystem in the country, PTI reported. The Reserve Bank, in turn, directed banks to down their ATM networks until the machines received the Windows software update that protects against the ransomware.

“ATMs operations are usually outsourced to third parties and it is shocking that more than 70 percent of the ATM network in India operates on Windows XP,” said Chaudhary, referring to an older version of Microsoft’s operating system. “Microsoft has stopped issuing update patches for the XP, though the case of WannaCry is exceptional because they had released patches on receipt of prior input about a possible leak. But most users, including government agencies, often act reluctant in installing update files.”

Chaudhary also said Indian banks have witnessed several malware attacks in the past “but surprisingly many of them are yet to take adequate measures for protection”.

Support our journalism by subscribing to Scroll+ here. We welcome your comments at
Sponsored Content BY 

The next Industrial Revolution is here – driven by the digitalization of manufacturing processes

Technologies such as Industry 4.0, IoT, robotics and Big Data analytics are transforming the manufacturing industry in a big way.

The manufacturing industry across the world is seeing major changes, driven by globalization and increasing consumer demand. As per a report by the World Economic Forum and Deloitte Touche Tohmatsu Ltd on the future of manufacturing, the ability to innovate at a quicker pace will be the major differentiating factor in the success of companies and countries.

This is substantiated by a PWC research which shows that across industries, the most innovative companies in the manufacturing sector grew 38% (2013 - 2016), about 11% year on year, while the least innovative manufacturers posted only a 10% growth over the same period.

Along with innovation in products, the transformation of manufacturing processes will also be essential for companies to remain competitive and maintain their profitability. This is where digital technologies can act as a potential game changer.

The digitalization of the manufacturing industry involves the integration of digital technologies in manufacturing processes across the value chain. Also referred to as Industry 4.0, digitalization is poised to reshape all aspects of the manufacturing industry and is being hailed as the next Industrial Revolution. Integral to Industry 4.0 is the ‘smart factory’, where devices are inter-connected, and processes are streamlined, thus ensuring greater productivity across the value chain, from design and development, to engineering and manufacturing and finally to service and logistics.

Internet of Things (IoT), robotics, artificial intelligence and Big Data analytics are some of the key technologies powering Industry 4.0. According to a report, Industry 4.0 will prompt manufacturers globally to invest $267 billion in technologies like IoT by 2020. Investments in digitalization can lead to excellent returns. Companies that have implemented digitalization solutions have almost halved their manufacturing cycle time through more efficient use of their production lines. With a single line now able to produce more than double the number of product variants as three lines in the conventional model, end to end digitalization has led to an almost 20% jump in productivity.

Digitalization and the Indian manufacturing industry

The Make in India program aims to increase the contribution of the manufacturing industry to the country’s GDP from 16% to 25% by 2022. India’s manufacturing sector could also potentially touch $1 trillion by 2025. However, to achieve these goals and for the industry to reach its potential, it must overcome the several internal and external obstacles that impede its growth. These include competition from other Asian countries, infrastructural deficiencies and lack of skilled manpower.

There is a common sentiment across big manufacturers that India lacks the eco-system for making sophisticated components. According to FICCI’s report on the readiness of Indian manufacturing to adopt advanced manufacturing trends, only 10% of companies have adopted new technologies for manufacturing, while 80% plan to adopt the same by 2020. This indicates a significant gap between the potential and the reality of India’s manufacturing industry.

The ‘Make in India’ vision of positioning India as a global manufacturing hub requires the industry to adopt innovative technologies. Digitalization can give the Indian industry an impetus to deliver products and services that match global standards, thereby getting access to global markets.

The policy, thus far, has received a favourable response as global tech giants have either set up or are in the process of setting up hi-tech manufacturing plants in India. Siemens, for instance, is helping companies in India gain a competitive advantage by integrating industry-specific software applications that optimise performance across the entire value chain.

The Digital Enterprise is Siemens’ solution portfolio for the digitalization of industries. It comprises of powerful software and future-proof automation solutions for industries and companies of all sizes. For the discrete industries, the Digital Enterprise Suite offers software and hardware solutions to seamlessly integrate and digitalize their entire value chain – including suppliers – from product design to service, all based on one data model. The result of this is a perfect digital copy of the value chain: the digital twin. This enables companies to perform simulation, testing, and optimization in a completely virtual environment.

The process industries benefit from Integrated Engineering to Integrated Operations by utilizing a continuous data model of the entire lifecycle of a plant that helps to increase flexibility and efficiency. Both offerings can be easily customized to meet the individual requirements of each sector and company, like specific simulation software for machines or entire plants.

Siemens has identified projects across industries and plans to upgrade these industries by connecting hardware, software and data. This seamless integration of state-of-the-art digital technologies to provide sustainable growth that benefits everyone is what Siemens calls ‘Ingenuity for Life’.

Case studies for technology-led changes

An example of the implementation of digitalization solutions from Siemens can be seen in the case of pharma major Cipla Ltd’s Kurkumbh factory.

Cipla needed a robust and flexible distributed control system to dispense and manage solvents for the manufacture of its APIs (active pharmaceutical ingredients used in many medicines). As part of the project, Siemens partnered with Cipla to install the DCS-SIMATIC PCS 7 control system and migrate from batch manufacturing to continuous manufacturing. By establishing the first ever flow Chemistry based API production system in India, Siemens has helped Cipla in significantly lowering floor space, time, wastage, energy and utility costs. This has also improved safety and product quality.

In yet another example, technology provided by Siemens helped a cement plant maximise its production capacity. Wonder Cement, a greenfield project set up by RK Marbles in Rajasthan, needed an automated system to improve productivity. Siemens’ solution called CEMAT used actual plant data to make precise predictions for quality parameters which were previously manually entered by operators. As a result, production efficiency was increased and operators were also freed up to work on other critical tasks. Additionally, emissions and energy consumption were lowered – a significant achievement for a typically energy intensive cement plant.

In the case of automobile major, Mahindra & Mahindra, Siemens’ involvement involved digitalizing the whole product development system. Siemens has partnered with the manufacturer to provide a holistic solution across the entire value chain, from design and planning to engineering and execution. This includes design and software solutions for Product Lifecycle Management, Siemens Technology for Powertrain (STP) and Integrated Automation. For Powertrain, the solutions include SINUMERIK, SINAMICS, SIMOTICS and SIMATIC controls and drives, besides CNC and PLC-controlled machines linked via the Profinet interface.

The above solutions helped the company puts its entire product lifecycle on a digital platform. This has led to multi-fold benefits – better time optimization, higher productivity, improved vehicle performance and quicker response to market requirements.

Siemens is using its global expertise to guide Indian industries through their digital transformation. With the right technologies in place, India can see a significant improvement in design and engineering, cutting product development time by as much as 30%. Besides, digital technologies driven by ‘Ingenuity for Life’ can help Indian manufacturers achieve energy efficiency and ensure variety and flexibility in their product offerings while maintaining quality.


The above examples of successful implementation of digitalization are just some of the examples of ‘Ingenuity for Life’ in action. To learn more about Siemens’ push to digitalize India’s manufacturing sector, see here.

This article was produced on behalf of Siemens by the marketing team and not by the editorial staff.